(54) REMOTE AUTHENTICATION SYSTEM 

(57) Abstract: 

PROBLEM TO BE SOLVED: To provide a remote authentication system that can reliably judge the identity of an individual and the presence or absence of his access right, and that substantially improves usability when authenticating the individual, by using biometrics information obtained through the operation of prescribed authentication information acquisition software together with key-inputted user identification information. 

SOLUTION: In a Web system 1, authentication is performed using biometrics information. Authentication information acquisition S/W, which dynamically obtains the information required for the authentication, is selected according to the environment: the accessing user terminal 5, the data kind (access information), the authentication request part 4B operating in the Web server terminal 4 as the client of the authentication, the Web server S/W 4C being the application in use, and the authentication history (state at the time of authentication). Thus, the identity of an individual and the presence or absence of his access right are reliably judged according to the environment. 
1. This document has been translated by computer. So the translation may not reflect the original precisely. 
2. **** shows the word which can not be translated. 
3. In the drawings, any words are not translated. 


CLAIMS 


[Claim(s)] 

[Claim 1] In a remote authentication system in which a user terminal, an authentication server and an authentication client are each connected to a network, and which authenticates a user who accesses the above-mentioned authentication client through the above-mentioned user terminal, a remote authentication system characterized in that: at least one or more kinds of biometrics acquisition equipment are connected to the above-mentioned user terminal; one or more authentication information acquisition software programs according to the above-mentioned user are stored in the above-mentioned authentication server and/or the above-mentioned user terminal; and, in response to the operation of predetermined authentication information acquisition software according to the above-mentioned user, either held on the above-mentioned user terminal or downloaded from the above-mentioned authentication server on the occasion of authentication, the biometrics information acquired with the above-mentioned one or more kinds of biometrics acquisition equipment and/or the user identification information keyed in by the user is used. 
[Claim 2] In a remote authentication system in which a user terminal and an authentication server are each connected to a network, and which authenticates a user who accesses the above-mentioned user terminal, a remote authentication system characterized in that: at least one or more kinds of biometrics acquisition equipment are connected to the above-mentioned user terminal; one or more authentication information acquisition software programs according to the above-mentioned user are stored in the above-mentioned authentication server and/or the above-mentioned user terminal; and, in response to the operation of predetermined authentication information acquisition software according to the above-mentioned user, either held on the above-mentioned user terminal or downloaded from the above-mentioned authentication server on the occasion of authentication, the biometrics information acquired with the above-mentioned one or more kinds of biometrics acquisition equipment and/or the user identification information keyed in by the user is used. 

[Claim 3] The remote authentication system according to claim 1 or 2, characterized by having authentication information acquisition software with a procedure in which the above-mentioned user chooses which of the two or more above-mentioned biometrics acquisition equipments connected to the above-mentioned user terminal is used, and inputs with it the above-mentioned biometrics information. 


DETAILED DESCRIPTION 


[Detailed Description of the Invention] 
[0001] 

[Field of the Invention] This invention relates to a remote authentication system in which the identity of an individual and the presence or absence of that individual's access right to information and applications are judged centrally, by biometrics, at one authentication server terminal. 
[0002] 

[Description of the Prior Art] Conventionally, in an information processing system connected to a network, authentication, that is, identifying an individual and judging whether this individual's access is permitted or refused, is required for security protection. Moreover, individual authentication is also carried out at the cash dispenser of a bank when an individual's transaction information, such as his identity and account balance, is accessed, at entry to high-secrecy locations such as research facilities, in membership systems, and so on. 

[0003] Identification of an individual and qualification (that is, authentication) have been carried out with something the individual possesses or remembers, such as a magnetic card positioned the same as an identification card, an IC card, a password, or a combination of these. However, a password may be forgotten; a magnetic card or IC card may be lost or destroyed, making authentication impossible; and if a card is stolen or password information leaks, someone other than the principal (the person himself) may be authenticated. Moreover, to keep secrecy high with these means, the principal must be authenticated with certainty, so the password is made complicated, which makes it that much harder to remember, or means such as a one-time password (OTP) are used, which makes the authentication operation itself complicated. Furthermore, to carry out authentication over a wide area (for example at two or more branches of a bank) by what the individual remembers, without using a magnetic card etc., it is necessary to manage the authentication information centrally. 
[0004] 

[Problem(s) to be Solved by the Invention] On the other hand, authentication using biometrics information, which describes the living body of an individual, such as fingerprint information, palm-print information, handwriting information, and retina information, removes this complication, ensures that the principal himself is authenticated, and makes ** difficult. When authentication using biometrics information is required over a wide area, centralized management and authentication are required for the same reason as above and from the viewpoint of privacy protection. When authentication using this biometrics information is carried out centrally, it is important to choose a suitable authentication method, and to acquire the authentication information, according to the security level (secret level) required not only for every user but for every authentication, location and system. 
[0005] Here, RFC 2138 (Remote Authentication Dial In User Service), registered as an RFC (Request For Comment) of the IETF (Internet Engineering Task Force) and updating the earlier RFC 2058, describes a RADIUS server which receives the authentication request of a RADIUS client, performs the authentication processing centrally, and returns the authentication result. However, the authentication means and authentication information were decided and fixed in advance for every user, so when biometrics information was acquired there was the problem that the authentication means and authentication information could not be changed dynamically according to the acquisition environment. 

[0006] A further conventional example is the "authentication method on a network" shown in JP,9-81518,A, in which, when a user host accesses an application server, the application server requests the user's authentication from an authentication server using a fixed authentication means and fixed authentication information, and receives the authentication result. 

[0007] Moreover, although biometrics information is effective in identifying an individual, its acquisition is accompanied by a privacy protection problem and by a hygiene problem, such as the biometrics acquisition equipment itself being dirty and the discomfort this causes. 

[0008] This invention was made in order to solve the above problems. When an individual is authenticated using biometrics information, it aims to provide a remote authentication system and a remote authentication method which can markedly improve user-friendliness while reliably judging the identity of the individual and the presence or absence of this individual's access right. 
[0009] 

[Means for Solving the Problem] The remote authentication system according to this invention is a remote authentication system in which a user terminal, an authentication server and an authentication client are each connected to a network, and which authenticates a user who accesses the above-mentioned authentication client through the above-mentioned user terminal. At least one or more kinds of biometrics acquisition equipment are connected to the above-mentioned user terminal; one or more authentication information acquisition software programs according to the above-mentioned user are stored in the above-mentioned authentication server and/or the above-mentioned user terminal; and, in response to the operation of predetermined authentication information acquisition software according to the above-mentioned user, either held on the above-mentioned user terminal or downloaded from the above-mentioned authentication server on the occasion of authentication, the biometrics information acquired with the above-mentioned one or more kinds of biometrics acquisition equipment and/or the user identification information keyed in by the user is used. 

[0010] Moreover, the remote authentication system according to the next invention is a remote authentication system in which a user terminal and an authentication server are each connected to a network, and which authenticates a user who accesses the above-mentioned user terminal. At least one or more kinds of biometrics acquisition equipment are connected to the above-mentioned user terminal; one or more authentication information acquisition software programs according to the above-mentioned user are stored in the above-mentioned authentication server and/or the above-mentioned user terminal; and, in response to the operation of predetermined authentication information acquisition software according to the above-mentioned user, either held on the above-mentioned user terminal or downloaded from the above-mentioned authentication server on the occasion of authentication, the biometrics information acquired with the above-mentioned one or more kinds of biometrics acquisition equipment and/or the user identification information keyed in by the user is used. 

[0011] Furthermore, the remote authentication system according to the next invention is equipped with authentication information acquisition software which has a procedure in which the above-mentioned user chooses which of the two or more above-mentioned biometrics acquisition equipments connected to the above-mentioned user terminal is used, and inputs with it the above-mentioned biometrics information. 
[0012] 

[Embodiment of the Invention] Embodiments of this invention are explained in detail below with reference to the drawings. 

[0013] Embodiment 1. Drawing 1 shows the configuration of embodiment 1, in which this invention is applied to a Web system 1. An authentication server terminal 3, an authentication client terminal 4 (in this example a Web server terminal), a user terminal 5, and so on are connected to a network 2. In this Web system 1, when a user accesses the Web server 4 through the user terminal 5, the user's personal authentication is obtained from the authentication server terminal 3, and the service is provided to the user according to the result. 
[0014] The authentication server terminal 3 is a computer apparatus such as a personal computer or workstation (having a CPU, memory, a disk, a communications control section, etc.; the same applies to the apparatus described hereafter) which holds authentication control section 3A, authentication information database 3B, and authentication information acquisition software pool 3C (software is hereafter abbreviated S/W). The Web server terminal 4 is a computer apparatus such as a personal computer or workstation on which Web server database 4A, authentication request section 4B, and Web server S/W 4C, the application for which the user is authenticated, operate. 
[0015] User terminal 5 is a computer apparatus such as a personal computer or workstation on which browser 5A, which displays the information from the Web server terminal 4, and authentication information acquisition S/W 5B operate. Moreover, biometrics acquisition equipment 6 is connected to user terminal 5. Biometrics acquisition equipment 6 includes fingerprint acquisition equipment 7 and palm-print acquisition equipment 8, which acquire the fingerprint and palm-print information of the body as biometrics information by image processing etc., a character recognition tablet 9, which acquires the handwriting drawn by the user as biometrics information, and retina information acquisition equipment 10, which acquires the retina information of the body as biometrics information by an eyeground scan etc. 

[0016] Drawing 2 shows the flow of the authentication processing in this Web system 1. The explanation starts from the case (SP1) in which browser 5A, the application operating on user terminal 5, accesses highly confidential information in Web server database 4A of the Web server terminal 4, which is the client of authentication. Web server S/W 4C, the application which performs access control of the highly confidential information, must perform user authentication in order to judge whether this user has access permission (SP10). 

[0017] That is, Web server S/W 4C of the Web server terminal 4 notifies authentication request section 4B that the user is to be authenticated, together with the Client ID (identifier of the authentication request section), the Application ID (identifier of Web server S/W 4C, the application which needs authentication), and the access data classification (secret level of the data the user has accessed) (SP11). Authentication request section 4B transmits an authentication request for the user, including the above information, to the authentication server terminal 3. 
[0018] Authentication control section 3A of the authentication server terminal 3, on receiving the user's authentication request, chooses authentication information acquisition S/W 11 from the authentication client ID, the Application ID, and the access data classification (SP20). The authentication information acquired by each authentication information acquisition S/W 11 is decided beforehand, and some authentication information acquisition S/W 11 acquire two or more kinds of authentication information. Authentication control section 3A transmits the selected authentication information acquisition S/W 11 to the Web server terminal 4, the client of authentication (SP21). 

[0019] Authentication request section 4B of the Web server terminal 4 hands the transmitted authentication information acquisition S/W 11 over to Web server S/W 4C, which directs the user to provide authentication information and, by that direction, transmits authentication information acquisition S/W 11 to the user terminal 5 (SP12). 
[0020] Browser 5A of the user terminal 5 receives the transmitted authentication information acquisition S/W 11 and runs it as authentication information acquisition S/W 5B (SP2). Authentication information acquisition S/W 5B acquires the user ID (an identifier such as a company, personnel number, affiliation, address or telephone number, or an ID assigned to each individual by the system), biometrics information such as fingerprint information, palm-print information, handwriting information and retina information, and the authentication information conventionally used in computer systems, such as a password or a one-time password. At this time it may cooperate with other S/W, such as a driver which acquires the authentication information. Authentication information acquisition S/W 5B transmits the acquired user ID and authentication information to the Web server terminal 4 through browser 5A (SP3). 

[0021] Authentication request section 4B of the Web server terminal 4 transmits the user ID and authentication information acquired from the user, received through Web server S/W 4C, to the authentication server terminal 3 (SP13). Using the transmitted user ID and authentication information, authentication control section 3A of the authentication server terminal 3 carries out user authentication (SP22). The transmitted authentication information, such as biometrics information, is collated with the individual's information registered beforehand in authentication information database 3B of the authentication server terminal 3. When collation of all the transmitted authentication information judges the user to be the principal, this result is notified to the Web server terminal, the client of authentication. If at least one collation result is not correct, the user is judged not to be the principal and this is notified (SP23). 

[0022] Authentication request section 4B of the Web server terminal 4, the client of authentication, on receiving notification of the authentication result, notifies the result to Web server S/W 4C. Web server S/W 4C judges from this authentication result whether this user is permitted or refused access to the highly confidential information of the Web server database (SP14). For example, an operation responding to the user's access, such as displaying this confidential information, is performed. 

[0023] In addition, if the communication between the user terminal 5 (authentication information acquisition S/W 5B) and the Web server terminal 4, and between the Web server terminal 4 and the authentication server terminal 3 (authentication control section 3A), is encrypted, the authentication information can be kept secret and the threat of eavesdropping is reduced. The same reduction of the threat is obtained if encryption is applied not between the individual terminals but end to end between the user terminal 5 (authentication information acquisition S/W 5B) and the authentication server terminal 3 (authentication control section 3A). 

[0024] Example 1. A simple example of the database structure and of the selection processing of authentication information acquisition S/W is explained here using drawing 3 and drawing 4. Authentication information database 3B of drawing 3 stores, for every individual user, the items user ID, user level, and authentication information. The user ID is an identifier such as a company, personnel number, affiliation, address or telephone number, or an ID assigned to each individual by the system. The user level is the access level to confidential information, and the authentication information is the reference information for collation: biometrics information such as fingerprint information, handwriting information and retina information, password information, one-time password information, and so on. 

[0025] Authentication information acquisition S/W pool 3C of drawing 4 stores authentication information acquisition S/W 11 such as one which acquires both fingerprint information and retina information, one which acquires two fingerprints, and one which acquires fingerprint information and handwriting information. Drawing 4 also shows, for each secret level, the selectable authentication information acquisition S/W 11 in authentication information acquisition S/W pool 3C and the corresponding data classifications. 

[0026] To explain the selection function of authentication information acquisition S/W 11 in the authentication server terminal 3 in this example 1, take first the case where the user has accessed information of data classification = 17 in Web server database 4A. Suppose the identifier of authentication request section 4B is authentication client ID = 15 and the identifier of Web server S/W 4C is application ID = 25. When the access occurs, Web server S/W 4C notifies authentication request section 4B that the user is to be authenticated for data classification = 17. Authentication request section 4B transmits an authentication request for the user containing the above information, data classification = 17, authentication client ID = 15, and application ID = 25, to the authentication server terminal 3, and the authentication server terminal 3 receives the authentication request including this information. 

[0027] Authentication control section 3A of the authentication server terminal 3 looks up the data classification of the received authentication request in the database of authentication information acquisition S/W pool 3C of drawing 4. Since the requested data is of secret level 2, it obtains, as shown in the drawing, the authentication information acquisition S/W 11 of level 2 or higher as the selectable candidates. 

[0028] Example 2. Another example of an authentication information database like drawing 3 is explained using drawing 5 and drawing 6. Here the selectable authentication information acquisition S/W 11 for every authentication client ID and for every application ID is shown. Using this information, authentication control section 3A of the authentication server terminal 3 obtains the candidates of authentication information acquisition S/W 11 that can be chosen from the authentication client ID and from the Application ID. Therefore A, B, C, D, E and F are candidates by data classification, C, D and E are candidates by authentication client ID, and A, D, E and F are candidates by Application ID, so one of D and E is eventually chosen by the data classification. 

[0029] From the candidates of this selectable authentication information acquisition S/W, the authentication server terminal 3 chooses one S/W by means such as random selection, fixed selection, or sequential selection. As in this example, the authentication means and authentication information can be chosen flexibly according to the environment, such as the data classification which is the access information, authentication request section 4B operating on the equipment which is the client of authentication, and Web server S/W 4C which is the application used, and the identity of the individual and the presence or absence of this individual's access right can be reliably judged according to the environment. 

[0030] Example 3. As a further example, the case where the user ID is contained in the authentication request and the authentication information database of drawing 3 is set out in detail as in drawing 7 is explained. The flow of this processing is shown in drawing 8, in which the same signs are given to the points corresponding to drawing 2. First, the Web server terminal 4 acquires the user ID (an identifier such as a company, personnel number, affiliation, address or telephone number, or an ID assigned to each individual by the system). The user's authentication is then requested from authentication request section 4B with the acquired user ID, the Client ID (identifier of authentication request section 4B), the Application ID (identifier of Web server S/W 4C, the application which needs authentication), and the access data classification (secret level of the data the user has accessed). 
[0031] In authentication information database 3B of drawing 7, the following are added, for every user, to the authentication information database of drawing 3: the user's classification (data administrator, general user, etc.), the authentication client IDs which can be used, the application IDs which can be used, the control information of the application (handed over by the application when the user is authenticated as the principal), and a collation log holding the selection history of authentication information acquisition S/W over the past authentications, the collation rate, the total count of authentication, and the selection criterion. 

[0032] When the user ID is contained in the authentication request, the selection is made according to the selection criterion of the applicable user in drawing 7. As an example take user ID = 1 and, as in the previous example, data classification = 17, authentication client ID = 15, and application ID = 25; authentication request section 4B transmits an authentication request for the user containing user ID = 1, data classification = 17, authentication client ID = 15, and application ID = 25 as the above information to the authentication server terminal 3. 

[0033] The authentication server terminal 3 receives the authentication request including this information. As before, A, B, C, D, E and F are candidates by data classification, C, D and E are candidates by authentication client ID, and A, D, E and F are candidates by Application ID, so one of D and E is eventually chosen. Moreover, since the user ID is 1, authentication control section 3A chooses by the total count of authentication: D for the 1st authentication, E for the 2nd, D for the 3rd, E for the 4th, and so on. Here the total count of authentication of user ID = 1 is 20, so this is the 21st authentication and D is chosen as authentication information acquisition S/W 11. 

[0034] If, as shown in drawing 7 and the other examples, the authentication client IDs and application IDs which can be used are assigned in authentication information database 3B for every user, access control can be realized so that authentication information acquisition S/W 11 is sent to this user only while the specified authentication client and application are being used. Here, since 15 is among the client IDs which can be used and 25 is among the application IDs which can be used, sending authentication information acquisition S/W 11 is permitted. 
[0035] Moreover, whether authentication information acquisition S/W 11 may be sent can also be judged by the user classification shown in drawing 7. If a secret level is furthermore assigned to the authentication client and the application in the same way as to the user, the authentication server terminal 3 can, when selecting authentication information acquisition S/W 11, choose it from the level of the authentication client, the level of the application, and the level of the access data classification. That is, control can be performed so that, for example, an authentication information acquisition S/W 11 at or above the highest of the three levels is chosen. 

[0036] After authentication information acquisition S/W 11 has been sent, the processing is the same as in ****, except that, since the user ID has already been acquired, only the authentication information is transmitted. Moreover, when the user is authenticated as the principal in drawing 7, the Web server terminal 4 can also realize a variety of access controls using Key-1, the control information of the application handed over by the application. 

[0037] Furthermore, although the selection criterion in **** was the total count of authentication, the selection criterion may instead be the collation assessment, as in the collation rate example of drawing 7. In that case, among the authentication information acquisition S/W 11 of level 2 or higher, the one with the highest past collation assessment is looked up in this user's collation log and chosen. Here, since the last collation assessment of E is the highest, E is chosen. 
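Added example (not the patent's own code): the selection logic of examples 2 and 3 and paragraphs [0034] to [0037] written out in Python. The pool levels, candidate tables, user records and collation scores are constructed stand-ins for drawings 4 to 7, which are not on the page; they are chosen so that the candidate sets and choices match the ones the description states.

```python
"""Selection of authentication information acquisition S/W 11 from pool 3C.

Constructed model of the description's examples: the candidate tables and
user records below stand in for drawings 4 to 7, which are not on the page.
"""
from dataclasses import dataclass, field
from typing import Optional

# Constructed pool 3C: S/W name -> secret level it is rated for (all >= 2,
# matching [0027], where every one of A..F is a candidate for level 2 data).
POOL_LEVEL = {"A": 2, "B": 2, "C": 2, "D": 3, "E": 3, "F": 2}

# Constructed candidate tables (drawings 4 to 6). Client ID 16 is an extra
# constructed entry used to show the per-user permission check of [0034].
BY_DATA_CLASS = {17: {"A", "B", "C", "D", "E", "F"}}
BY_CLIENT_ID = {15: {"C", "D", "E"}, 16: {"D", "E", "F"}}
BY_APP_ID = {25: {"A", "D", "E", "F"}}
DATA_CLASS_LEVEL = {17: 2}   # [0027]: data classification 17 is secret level 2


@dataclass
class AuthRequest:
    """Authentication request sent by authentication request section 4B."""
    data_class: int
    client_id: int
    app_id: int
    user_id: Optional[int] = None   # present only in example 3


@dataclass
class UserRecord:
    """One row of authentication information database 3B as extended in drawing 7."""
    user_id: int
    usable_clients: set
    usable_apps: set
    total_count: int = 0
    criterion: str = "count"        # "count" (alternate by count) or "score"
    collation_log: list = field(default_factory=list)   # (sw_name, score)


def candidates(req: AuthRequest) -> list:
    """Intersect the candidate sets by data classification, client ID and
    application ID, keep only S/W rated at the data's level or above, and
    sort so that the order used for alternation is deterministic."""
    common = (BY_DATA_CLASS.get(req.data_class, set())
              & BY_CLIENT_ID.get(req.client_id, set())
              & BY_APP_ID.get(req.app_id, set()))
    need = DATA_CLASS_LEVEL.get(req.data_class, 0)
    return sorted(sw for sw in common if POOL_LEVEL[sw] >= need)


def select_sw(req: AuthRequest, users: dict) -> Optional[str]:
    """Return the name of the chosen S/W, or None when nothing may be sent."""
    cands = candidates(req)
    if not cands:
        return None
    if req.user_id is None:
        return cands[0]                 # sequential selection ([0029])
    user = users.get(req.user_id)
    if user is None:
        return None
    # [0034]: S/W is sent only while the user is on a permitted client/application.
    if req.client_id not in user.usable_clients or req.app_id not in user.usable_apps:
        return None
    if user.criterion == "count":
        # [0033]: D, E, D, E ... by the total count of authentication;
        # a count of 20 means this is the 21st authentication -> index 0 -> "D".
        return cands[user.total_count % len(cands)]
    if user.criterion == "score":
        # [0037]: among the candidates, take the highest past collation score.
        best = {}
        for sw, score in user.collation_log:
            if sw in cands and score > best.get(sw, -1.0):
                best[sw] = score
        return max(best, key=best.get) if best else cands[0]
    return cands[0]


def record_result(user: UserRecord, sw: str, score: float) -> None:
    """Append the collation result to the user's log after an authentication,
    so the next selection alternates (count) or sees the new score (score)."""
    user.collation_log.append((sw, score))
    user.total_count += 1
```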

[0038] There is also an example which omits the transfer of authentication information acquisition S/W from the authentication server terminal 3 to the authentication client. When the authentication information acquisition S/W is decided and fixed in the Web system 1 described above, the Web server terminal 4 of the authentication client may acquire authentication information acquisition S/W 11 beforehand and transmit it to the user terminal 5 itself, without any transfer of authentication information acquisition S/W from the authentication server terminal 3 to the Web server terminal 4 of the authentication client. 

[0039] As described above, in this Web system 1, when the accessing user is authenticated using biometrics information, authentication information acquisition S/W 11, which dynamically acquires the information required for authentication, is chosen according to the environment (the data classification which is the access information, authentication request section 4B operating at the Web server terminal 4 which is the client of authentication, and Web server S/W 4C which is the application used) and the authentication history (the state at the time of authentication). The identity of the individual and the presence or absence of this individual's access right can therefore be reliably judged according to the environment. 
[0040] Embodiment 2. In this embodiment 2, embodiment 1 is simplified. In drawing 9, in which the same signs are given to the points corresponding to drawing 1, the user terminal which acquires the biometrics information and the authentication client are the same terminal. It is a computer apparatus such as a personal computer or workstation on which database retrieval application 5E (which performs database retrieval, as an example of the application for which the user is authenticated), local database 5C used by database retrieval application 5E, authentication request section 5D, and authentication information acquisition S/W 11 operate. Biometrics acquisition equipment 6 connected to the user terminal 5 has exactly the same configuration as in embodiment 1 described above, and the authentication server terminal 3 also has exactly the same configuration as in embodiment 1. 
[0041] Drawing 10, which is fundamentally the same as embodiment 1 and gives the same signs to the points corresponding to drawing 2 and drawing 8, shows the case in which database retrieval application 5E accesses the confidential information of local database 5C (SP5). First the user ID (an identifier such as a company, personnel number, affiliation, address or telephone number, or an ID assigned to each individual by the system) is acquired (SP6). The user's authentication is then requested from authentication request section 5D with the acquired user ID, the Client ID (identifier of authentication request section 5D), the Application ID (identifier of database retrieval application 5E, the application which needs authentication), and the access data classification (secret level of the data the user has accessed) (SP7). 

[0042] The operation of the authentication server terminal 3 is the same as in Embodiment 1: authentication processing is performed, and the authentication request section 5D of the user terminal 5, which is the authentication client and receives the authentication result, notifies the result to the database retrieval application 5E. From this authentication result, the database retrieval application 5E judges whether this user is permitted access to the highly confidential information in the local database 5C (SP8), and performs the operation for the user's access, such as displaying the highly confidential information. With such a configuration, the same effect as Embodiment 1 is obtained in a configuration in which the user terminal 5 itself issues the authentication request.
[0043] Embodiment 3. In this Embodiment 3, Fig. 11, which gives the same reference signs to the points corresponding to Figs. 2 and 8, shows a procedure (SP2B, SP12A) in which the user refuses the authentication information acquisition S/W when the personal authentication information specified by the authentication information acquisition S/W 11 transmitted from the authentication server terminal 3 does not suit the user's intention. The authentication server terminal 3, whose acquisition was refused, reselects another authentication information acquisition S/W (SP20A). This, however, applies only when there is another authentication information acquisition S/W that can be reselected, as described above with reference to Fig. 4.

[0044] When biometrics is used as the personal authentication information, a user refuses when, for example, the specified biometrics acquisition equipment 6 is dirty and causes discomfort. Although biometrics is effective for identifying an individual, as mentioned above, it is indispensable, in view of privacy protection and sanitary problems, that the user also has the opportunity to refuse or change the authentication information for a certain reason.

[0045] Moreover, even when the biometrics acquisition equipment 6 cannot be trusted in terms of security, and even when the user wishes to specify an alternative means other than biometrics information, such as a one-time password (OTP), even if it is more complicated, the effect that the identity of an individual and that individual's access privilege can be reliably judged according to the environment is obtained by selecting the authentication information acquisition S/W that dynamically acquires the information required for authentication, while following the user's intention to refuse or change.

[0046] Embodiment 4. As a means of obtaining the same effect as Embodiment 3, the function of selecting the authentication information to be acquired is included in the authentication information acquisition S/W itself of Embodiments 1 and 2. In the example of Embodiment 1, the selectable authentication information acquisition S/W includes D, which authenticates with fingerprint and handwriting information, and E, which authenticates with the fingerprint only. In this case, what differs is that the authentication server transmits an authentication information acquisition S/W that combines the authentication information acquisition functions of both D and E.

[0047] The configuration and operation sequence of the Web system 1 itself are the same as in Embodiments 1 and 2. Fig. 12 shows the screen image of the authentication information acquisition S/W on the user side. The user chooses either D or E and acquires the authentication information for his own authentication means. When either of the selection buttons 12A and 12B on the screen is chosen, the authentication information acquisition S/W operates and the chosen authentication information is actually acquired. At the authentication server terminal 3, it can be judged from the classification of the sent authentication information whether authentication is possible with the set of information sent, and the same effect as Embodiment 3 is obtained.

[0048] Embodiment 5. Although in Embodiments 1-4 above the authentication information acquired by the authentication information acquisition S/W was determined in advance, the authentication information to be acquired may instead be shown on a screen rather than determined by the authentication information acquisition S/W. For example, at the time of authentication for the detail database in Embodiment 1, the screen displays that fingerprint information and handwriting information are to be sent. The user then operates, on his own initiative, the software that acquires authentication information according to the displayed content, and sends the acquired authentication information to the authentication server terminal 3.

[0049] Moreover, the display may indicate that authentication information which is not shown concretely but was decided beforehand is to be sent. In this case, the user operates, on his own initiative, the software that acquires all the authentication information notified to the user in advance and separately by the administrator etc., and memorized by the user, and the acquired authentication information is sent to the authentication server. In this way, the same effect as Embodiment 1 is realized, and since the means of acquisition is handled like a password when sending authentication information that is not shown concretely on the display but was decided beforehand, security can be improved further.

[0050] In addition, although Embodiments 1-4 above described the case where a user's personal authentication was performed at the Web server terminal 4, this invention is widely applicable not only to this but to general control units that need a user's personal authentication, such as entry/exit control terminals connected to the network.
[0051]

[Effect of the Invention] As described above, according to this invention, when authenticating with biometrics information, the authentication server freely selects the biometrics acquisition equipment and the authentication information and acquires them according to the acquisition environment of the user's biometrics information, so that a remote authentication system can be realized which reliably judges the identity of a user and that user's access privilege.

[0052] Moreover, the user can change or refuse the authentication information to be acquired when dissatisfied with the acquisition of the specified authentication information, and even when the biometrics acquisition equipment is dirty ** and causes displeasure, or the equipment that acquires the biometrics information is not reliable, the identity of the user and the user's access privilege can be reliably judged with an alternative means.


TECHNICAL FIELD 


[Field of the Invention] This invention relates to a remote authentication system in which the identity of an individual and the access privilege to that individual's information and applications are judged centrally, at one authentication server terminal, by biometrics.


PRIOR ART 


[Description of the Prior Art] Conventionally, in an information processing system connected to a network, authentication, i.e. identifying an individual and judging whether this individual's access is permitted or not, is required for security protection. Moreover, personal authentication is also carried out at bank cash dispensers, for authenticating access to the individual's transaction information such as identity and credit balance, at entry to and exit from highly confidential research locations, at membership clubs, etc.

[0003] Identification of an individual and certification of that individual's qualification, i.e. authentication, are carried out using something the individual memorizes, such as a password, something equivalent to an identification card, such as a magnetic card or IC card, or a combination of these. However, there are problems: a password etc. may be forgotten; a magnetic card, IC card, etc. may be lost or destroyed so that authentication becomes impossible; and if it is stolen or the password information leaks, someone other than the principal may be authenticated as the principal. Moreover, although it is necessary to authenticate the principal reliably in order to keep confidentiality high, making a password etc. complicated makes it that much harder to remember, and using means such as a one-time password (OTP) makes the authentication operation itself complicated. Furthermore, in order to carry out memory-based authentication over a wide area (for example at two or more branches of a bank) without using a magnetic card etc., it is necessary to manage the authentication information centrally.



TECHNICAL PROBLEM 


[Problem(s) to be Solved by the Invention] On the other hand, authentication using biometrics information, which is a description of the individual's living body, such as fingerprint information, palm-print information, handwriting information, and retina information, eliminates complexity, is reliable, and makes ** difficult. When authentication using biometrics information is required over a wide area, centralized management and authentication are also required, for the same reason as above and for privacy protection. When carrying out authentication using biometrics information centrally, it is important to select a suitable authentication approach, and to acquire the authentication information, according to the security level (secret level) required not only by each user but also by the location, the system, and what needs authentication.
[0005] Here, RFC 2138 (Remote Authentication Dial In User Service), registered as an RFC (Request For Comment) of the IETF (Internet Engineering Task Force), describes RADIUS and updates the preceding RFC 2058; a RADIUS server receives the authentication demand of a RADIUS client, performs the authentication processing centrally, and returns an authentication result. However, the authentication means and authentication information were decided beforehand and fixed for every user, and when biometrics information was acquired, there was the problem that the authentication means and authentication information could not be changed dynamically according to the acquisition environment.

[0006] Further, as in the "authentication approach on a network" shown in JP,9-81518,A as another such conventional example, there is an authentication approach in which, when a user host has accessed an application server, the application server requests the user's authentication from an authentication server using a fixed authentication means and authentication information, and receives the authentication result.

[0007] Moreover, although biometrics information is effective for identifying an individual, there are also problems with its acquisition, such as the problem of privacy protection, and sanitary problems and discomfort when the biometrics acquisition equipment itself is dirty.

[0008] This invention was made in order to solve the above problems, and aims at providing a remote authentication system and a remote authentication approach which, when authenticating an individual using biometrics information, can reliably judge the identity of an individual and the presence or absence of this individual's access privilege while markedly improving user-friendliness.


MEANS 


[Means for Solving the Problem] The remote authentication system according to this invention is a remote authentication system in which an authentication server, an authentication client and a user terminal are each connected to a network, and which authenticates a user who accesses the above-mentioned authentication client through the above-mentioned user terminal. At least one or more kinds of biometrics acquisition equipment are connected to the above-mentioned user terminal, and/or one or more authentication information acquisition software according to the above-mentioned user are stored in the above-mentioned authentication server and/or the above-mentioned user terminal. In response to the operation of the predetermined authentication information acquisition software according to the above-mentioned user, which the above-mentioned user terminal downloaded from the above-mentioned authentication server on the occasion of authentication, the biometrics information acquired with the above one or more kinds of biometrics acquisition equipment and/or the user-identification information keyed in by the user is used.

[0010] Moreover, the remote authentication system according to the next invention is a remote authentication system in which an authentication server and a user terminal are each connected to a network, and which authenticates a user who accesses the above-mentioned user terminal. At least one or more kinds of biometrics acquisition equipment are connected to the above-mentioned user terminal, and/or one or more authentication information acquisition software according to the above-mentioned user are stored in the above-mentioned authentication server and/or the above-mentioned user terminal. In response to the operation of the predetermined authentication information acquisition software according to the above-mentioned user, which the above-mentioned user terminal downloaded from the above-mentioned authentication server on the occasion of authentication, the biometrics information acquired with the above one or more kinds of biometrics acquisition equipment and/or the user-identification information keyed in by the user is used.

[0011] Furthermore, the remote authentication system according to the next invention is equipped with authentication information acquisition software which has a procedure in which the above-mentioned user chooses which of the two or more above-mentioned biometrics acquisition equipments connected to the above-mentioned user terminal is to be used, and inputs from it as the above-mentioned biometrics information.
[0012]

[Embodiment of the Invention] With reference to the drawings, the embodiments of this invention are explained in detail below.

[0013] Embodiment 1. Fig. 1 shows the configuration of Embodiment 1, in which this invention is applied to a Web system 1. An authentication server terminal 3, an authentication client terminal 4 (a Web server terminal in this example), a user terminal 5, etc. are connected to a network 2. In such a Web system 1, when a user accesses the Web server 4 through the user terminal 5, the user's personal authentication is obtained from the authentication server terminal 3, and the service is provided to the user according to the result.
[0014] The authentication server terminal 3 is a computer apparatus, such as a personal computer or workstation (having a CPU, memory, a disk, a communications control section, etc.; the same applies to the configurations described hereafter), which stores an authentication control section 3A, an authentication information database 3B, and an authentication information acquisition software pool (software is hereafter abbreviated S/W) 3C. Moreover, the Web server terminal 4 is a computer apparatus, such as a personal computer or workstation, on which a Web server database 4A, an authentication request section 4B, and Web server S/W 4C, whose user is to be authenticated, operate.
[0015] The user terminal 5 is a computer apparatus, such as a personal computer or workstation, on which a browser 5A that displays the information of the Web server terminal 4 and authentication information acquisition S/W 5B operate. Moreover, biometrics acquisition equipment 6 is connected to the user terminal 5. The biometrics acquisition equipment 6 comprises, for example, fingerprint acquisition equipment 7 that acquires fingerprint information of the body as biometrics information by image processing etc., palm-print acquisition equipment 8 that acquires palm-print information, a character recognition tablet 9 that acquires the handwriting information written by the user as biometrics information, and retina information acquisition equipment 10 that acquires retina information of the body as biometrics information by an eyeground scan etc.

[0016] Fig. 2 shows the flow of the authentication processing in such a Web system 1. The explanation takes the case where the user first accesses highly confidential information in the Web server database 4A of the Web server terminal 4 (the authentication client) from the browser 5A, the application operating on the user terminal 5 (SP1). The Web server S/W 4C, the application performing access control of the highly confidential information, needs to perform user authentication in order to judge whether this user has access permission (SP10).

[0017] That is, the Web server S/W 4C of the Web server terminal 4 notifies the authentication request section 4B that the user is to be authenticated, with the client ID (the identifier of the authentication request section), the application ID (the identifier of the Web server S/W 4C, the application that needs authentication), and the access data classification (the secret level of the data the user has accessed) (SP11). The authentication request section 4B transmits an authentication demand for the user including the above-mentioned information to the authentication server terminal 3.
[0018] The authentication control section 3A of the authentication server terminal 3 that received the authentication demand selects an authentication information acquisition S/W 11 from the authentication client ID, the application ID, and the access data classification (SP20). The authentication information acquired by each authentication information acquisition S/W 11 is predetermined, and some authentication information acquisition S/W 11 acquire two or more items of authentication information. The authentication control section 3A transmits the selected authentication information acquisition S/W 11 to the Web server terminal 4, the authentication client (SP21).

[0019] The authentication request section 4B of the Web server terminal 4 hands over the transmitted authentication information acquisition S/W 11 to the Web server S/W 4C and directs it to acquire authentication information from the user; by this direction, the authentication information acquisition S/W 11 is transmitted from the Web server S/W 4C to the user terminal 5 (SP12).
[0020] The browser 5A of the user terminal 5 receives the transmitted authentication information acquisition S/W 11 and operates it as the authentication information acquisition S/W 5B (SP2). The authentication information acquisition S/W acquires, on its own initiative, the authentication information normally used by conventional computer systems: the user ID (an identifier assigned to each individual by the system, such as a firm, personnel number, affiliation, address or telephone number), biometrics information such as fingerprint information, palm-print information, handwriting information and retina information, a password, and a one-time password. At this time it may operate in cooperation with other S/W, such as a driver that acquires authentication information. The authentication information acquisition S/W 5B transmits the acquired user ID and authentication information to the Web server terminal through the browser 5A (SP3).

[0021] The authentication request section 4B of the Web server terminal 4 transmits the user ID and authentication information acquired from the user to the authentication server terminal 3 through the Web server S/W 4C (SP13). Using the transmitted user ID and authentication information, the authentication control section 3A of the authentication server terminal 3 carries out user authentication (SP22). The authentication information transmitted at this time, such as biometrics information, is collated with the personal information accumulated beforehand in the authentication information database 3B of the authentication server terminal 3. When the user is judged to be the principal by collation of all the transmitted authentication information, this result is notified to the Web server terminal, the authentication client. Conversely, if at least one collation result is not correct, it is judged that the user is not the principal, and this is notified (SP23).

[0022] The authentication request section 4B of the Web server terminal 4, the authentication client, receives the authentication result and notifies it to the Web server S/W 4C. From this authentication result, the Web server S/W 4C judges whether this user is permitted access to the highly confidential information in the Web server database (SP14), and performs the operation for the user's access, such as displaying the highly confidential information.

[0023] In addition, if communication is encrypted between the user terminal 5 (authentication information acquisition S/W 5B) and the Web server terminal 4, and between the Web server terminal 4 and the authentication server terminal 3 (authentication control section 3A), the authentication information can be kept secret and threats are reduced further. The same threat reduction is obtained even if encryption is applied not between the individual terminals but end to end between the user terminal 5 (authentication information acquisition S/W 5B) and the authentication server terminal 3 (authentication control section 3A).

[0024] Example 1. Here a simple example of the database structure and of the selection processing of the authentication information acquisition S/W 5B is explained using Figs. 3 and 4. The authentication information database 3B of Fig. 3 stores, as information for each individual user, the items user ID, user level, and authentication information. The user ID is an identifier assigned to each individual by the system, such as a firm, personnel number, affiliation, address or telephone number. The user level is the access level to highly confidential information, and the authentication information is the reference information for collation: biometrics information such as fingerprint information, handwriting information and retina information, and further password information, one-time password information, etc.

[0025] The authentication information acquisition S/W pool 3C of Fig. 4 stores authentication information acquisition S/W 11 such as one that acquires both fingerprint information and retina information, one that acquires two fingerprints, and one that acquires fingerprint information and handwriting information. Moreover, Fig. 4 shows the selectable authentication information acquisition S/W 11 in the pool 3C and the data classifications corresponding to each secret level.

[0026] As an explanation of the selection function for the authentication information acquisition S/W 11 of the authentication server terminal 3 in this Example 1, take first the case where the user has accessed information of data classification = 17 in the Web server database 4C. Suppose that the authentication client ID, equivalent to the identifier of the authentication request section 4B, is 15, and that the application ID, equivalent to the identifier of the Web server S/W 4C, is 25. When the access occurs, the Web server S/W 4C notifies the authentication request section 4B that the user is to be authenticated for data classification = 17. The authentication request section 4B transmits to the authentication server terminal 3 an authentication demand for the user containing the above-mentioned information: data classification = 17, authentication client ID = 15, and application ID = 25. The authentication server terminal 3 receives the authentication demand including this information.

[0027] Since, according to the database of the authentication information acquisition S/W pool 3C of Fig. 4, the data requested by the data classification of the received authentication demand is of secret level 2, the authentication control section 3A of the authentication server terminal 3 learns that the selectable candidates are the authentication information acquisition S/W 11 of level 2 or higher, as shown in the figure.

[0028] Example 2. Some other examples of the authentication information database, like Fig. 3, are explained using Figs. 5 and 6. Here the selectable authentication information acquisition S/W 11 for each authentication client ID and for each application ID are shown. Using this information, the authentication control section 3A of the authentication server terminal 3 learns the candidate authentication information acquisition S/W 11 that can be chosen from the authentication client ID and from the application ID. Therefore, A, B, C, D, E, and F become candidates by data classification; C, D, and E become candidates by the authentication client ID; A, D, E, and F become candidates by the application ID; and one of D and E is eventually chosen.

[0029] From these selectable candidate authentication information acquisition S/W, the authentication server terminal 3 chooses one by a means such as random selection, sequential selection, or a regular fixed selection. In this way, as in this example, the authentication means and authentication information can be chosen flexibly according to the environment, such as the data classification (the access information), the authentication request section 4B operating on the equipment that is the authentication client, and the Web server S/W 4C (the application in use), and the identity of an individual and this individual's access privilege can be reliably judged according to the environment.

[0030] Example 3. As a further example, the case where the user ID is contained in the authentication demand and the authentication information database of Fig. 3 is set in detail as shown in Fig. 7 is explained. The flow of this processing is shown in Fig. 8, which gives the same reference signs to the points corresponding to Fig. 2. First, the Web server terminal 4 acquires the user ID (an identifier assigned to each individual by the system, such as a firm, personnel number, affiliation, address or telephone number). The authentication request section 4B is then requested to authenticate this user with the acquired user ID, the client ID (the identifier of the authentication request section 4B), the application ID (the identifier of the Web server S/W 4C, the application that needs authentication), and the access data classification (the secret level of the data the user has accessed).
[0031] In the authentication information database 3B of Fig. 7, the following are added to the authentication information database of Fig. 3 for each user: the user's classification (data administrator, general user, etc.), the usable authentication client IDs, the usable application IDs, the control information of the application that is handed over to the application when the user is authenticated as the principal, and a collation log consisting of the selection history of the authentication information acquisition S/W over past authentications and per-user information such as the collation rate, the total count of authentication, and the selection criterion.

[0032] When the user ID is contained in the authentication demand, selection is made in accordance with the selection criterion of the applicable user in Fig. 7. As an example, let user ID = 1 and, as in the preceding example, data classification = 17, authentication client ID = 15, and application ID = 25; the authentication request section 4B transmits to the authentication server terminal 3 an authentication demand for the user containing user ID = 1, data classification = 17, authentication client ID = 15, and application ID = 25 as the above-mentioned information.
[0033] The authentication server terminal 3 receives the authentication demand including this information. As before, A, B, C, D, E, and F become candidates by data classification, C, D, and E by the authentication client ID, and A, D, E, and F by the application ID, so that one of D and E is eventually chosen. Moreover, since user ID = 1, the authentication control section 3A chooses by the total count of authentication: the 1st authentication chooses D, the 2nd E, the 3rd D, the 4th E, and so on. Here, since the total count of authentication for user ID = 1 is 20, this is the 21st time, and D is chosen as the authentication information acquisition S/W 11.

[0034] If, as in the other examples and drawing 7, the authentication information database 3B assigns to each user the authentication client IDs and the application IDs that may be used, access control can be realized in which authentication information acquisition S/W 11 is sent to this user only while the specified authentication client and application are in use. Here, since 15 is among the usable client IDs and 25 is among the usable application IDs, sending of authentication information acquisition S/W 11 is permitted. 
[0035] Moreover, whether authentication information acquisition S/W 11 may be sent can also be judged from the user classification shown in drawing 7. If a secret level is likewise assigned to the authentication client and to the application as well as to the user, the authentication server terminal 3 can, at selection time, choose authentication information acquisition S/W 11 from the level of the authentication client, the level of the application and the level of the access data classification. That is, control can be performed such that, for example, an authentication information acquisition S/W 11 at or above the highest of the three levels is chosen. 

[0036] Processing after sending authentication information acquisition S/W 11 is the same as in ****, except that, since the user ID has already been acquired, only the authentication information is transmitted. Moreover, when authenticated with the principal of drawing 7, the Web server terminal 4 can also realize varied access control using Key-1, the control information handed over to the application. 

[0037] Furthermore, in **** the selection criterion was the total count of authentications as an example; when the selection criterion is instead the matching rate of drawing 7, that is, when the matching score is the selection criterion, the one with the highest past matching score among the two or more candidate authentication information acquisition S/W 11 at the applicable level is looked up in this user's collating log and chosen. Here, since the matching score of the most recent E is the highest, E is chosen. 
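The candidate filtering of [0033], the permission check of [0034], the level rule of [0035] and the two selection criteria of [0033] and [0037], written out as an added Python example that is not part of the patent text. The lookup tables, the per-user record layout, the S/W levels and the matching scores are constructed assumptions chosen so that they reproduce the values on the page (user ID 1, data classification 17, client ID 15, application ID 25, S/W named A to F, a count of 20 before this request):

```python
"""Selection of authentication information acquisition software (S/W 11)
by authentication control section 3A, modelled on paragraphs [0033]-[0037].

Constructed example, not the patent's own code. Every table below is an
assumption that reproduces the worked values on the page.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Set

# Assumed lookup tables: which S/W is a candidate for each attribute value.
CANDIDATES_BY_DATA_CLASS: Dict[int, Set[str]] = {17: set("ABCDEF")}
CANDIDATES_BY_CLIENT_ID: Dict[int, Set[str]] = {15: {"C", "D", "E"}}
CANDIDATES_BY_APP_ID: Dict[int, Set[str]] = {25: {"A", "D", "E", "F"}}

# Assumed secret level of each S/W for the level rule of [0035]
# (higher number = higher level).
SOFTWARE_LEVEL: Dict[str, int] = {"A": 1, "B": 1, "C": 2, "D": 3, "E": 2, "F": 1}


@dataclass
class UserRecord:
    """One per-user row of authentication information database 3B (drawing 7)."""
    user_id: int
    usable_client_ids: Set[int]
    usable_app_ids: Set[int]
    total_auth_count: int          # authentications performed so far
    selection_criterion: str       # "count" or "score"
    # collating log, reduced to: S/W name -> best past matching score (0..1)
    matching_log: Dict[str, float] = field(default_factory=dict)


def candidate_software(data_class: int, client_id: int, app_id: int) -> List[str]:
    """[0033]: intersect the three candidate sets; sorted for determinism."""
    cands = (CANDIDATES_BY_DATA_CLASS.get(data_class, set())
             & CANDIDATES_BY_CLIENT_ID.get(client_id, set())
             & CANDIDATES_BY_APP_ID.get(app_id, set()))
    return sorted(cands)


def transfer_permitted(user: UserRecord, client_id: int, app_id: int) -> bool:
    """[0034]: S/W 11 is sent only from a client and application the user may use."""
    return client_id in user.usable_client_ids and app_id in user.usable_app_ids


def select_by_count(candidates: List[str], total_auth_count: int) -> str:
    """[0033]: rotate through the candidates: 1st -> D, 2nd -> E, 3rd -> D ...
    A count of 20 so far means this (the 21st) authentication gets index 0."""
    return candidates[total_auth_count % len(candidates)]


def select_by_score(candidates: List[str], matching_log: Dict[str, float]) -> str:
    """[0037]: choose the candidate with the best past matching score; an S/W
    never used before scores -1 so that a known good one is preferred."""
    return max(candidates, key=lambda sw: matching_log.get(sw, -1.0))


def select_by_level(candidates: List[str], client_level: int,
                    app_level: int, data_level: int) -> Optional[str]:
    """[0035]: the required level is the highest of the three; return the
    lowest-level candidate that still meets it (assumed tie-break), or None."""
    required = max(client_level, app_level, data_level)
    eligible = [sw for sw in candidates if SOFTWARE_LEVEL.get(sw, 0) >= required]
    return min(eligible, key=lambda sw: SOFTWARE_LEVEL[sw]) if eligible else None


def select_software(user: UserRecord, data_class: int, client_id: int,
                    app_id: int) -> Optional[str]:
    """Full decision of authentication control section 3A for one request."""
    if not transfer_permitted(user, client_id, app_id):
        return None                      # access control of [0034] refuses sending
    candidates = candidate_software(data_class, client_id, app_id)
    if not candidates:
        return None                      # nothing selectable in this environment
    if user.selection_criterion == "score":
        return select_by_score(candidates, user.matching_log)
    return select_by_count(candidates, user.total_auth_count)


# Constructed user rows matching the page's example (user ID 1, count 20).
USER_COUNT = UserRecord(1, {15}, {25}, total_auth_count=20, selection_criterion="count")
USER_SCORE = UserRecord(1, {15}, {25}, total_auth_count=20, selection_criterion="score",
                        matching_log={"D": 0.87, "E": 0.96})

if __name__ == "__main__":
    print(candidate_software(17, 15, 25))            # ['D', 'E']
    print(select_software(USER_COUNT, 17, 15, 25))   # D (21st authentication)
    print(select_software(USER_SCORE, 17, 15, 25))   # E (best past score)
```

The permission check runs before any candidate is computed, so a request from a client or application the user is not entitled to never learns which S/W exists for that environment; the level rule is kept separate because the page presents it as an alternative control rather than part of the count or score criterion.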

[0038] Moreover, there is also an example in which the transfer of the authentication information acquisition S/W from the authentication server terminal 3 to the authentication client is omitted. When, as in the Web system 1 described above, the authentication information acquisition S/W is fixed, the Web server terminal 4 of the authentication client may acquire authentication information acquisition S/W 11 beforehand and transmit it to the user terminal 5 itself, without any transfer of the authentication information acquisition S/W from the authentication server terminal 3 to the Web server terminal 4 of the authentication client. 

[0039] As described above, in this Web system 1, when authenticating with biometrics information, authentication information acquisition S/W 11, which dynamically acquires the information required for authentication, is chosen according to the environment: the accessing user, the data classification which is the access information, authentication request section 4B operating at the Web server terminal 4 which is the client of authentication, the application in use such as Web server S/W 4C, and the authentication history (authentication-time state). Thus the identification of an individual and the presence or absence of this individual's access privilege can be certainly judged according to the environment. 
[0040] Embodiment 2 of operation. In this embodiment 2, embodiment 1 is simplified. In drawing 9, in which the same signs are given to the parts corresponding to drawing 1, the user terminal which acquires biometrics information and the terminal of the authentication client are the same terminal. It is computer apparatus, such as a personal computer or a workstation, on which operate database retrieval application 5E, which performs database retrieval as an example of the application to be authenticated, local database 5C used by database retrieval application 5E, authentication request section 5D, and authentication information acquisition S/W 11 for authenticating the user. Biometrics acquisition equipment 6 connected to the user terminal 5 has completely the same configuration as in embodiment 1 above, and the authentication server terminal 3 likewise has completely the same configuration as in embodiment 1. 
[0041] In drawing 10, which is fundamentally the same as embodiment 1 and gives the same signs to the parts corresponding to drawing 2 and drawing 8, when database retrieval application 5E accesses the extra sensitive information of local database 5C (SP5), the user ID (an identifier assigned to each individual by the system, such as a firm, personnel number, affiliation, address or telephone) is acquired first (SP6). Authentication of this user is then requested from authentication request section 5D with the acquired user ID, the client ID (identifier of authentication request section 5D), the application ID (identifier of database retrieval application 5E, the application which needs authentication) and the access data classification (secret level of the data which the user has accessed) (SP7). 

[0042] Operation of the authentication server terminal 3 is the same as in embodiment 1: authentication processing is performed, and authentication request section 5D of the user terminal 5, which is the client of authentication and receives the authentication result, notifies the authentication result to database retrieval application 5E. Database retrieval application 5E judges from this authentication result whether access to the highly confidential information of local database 5C is permitted to this user (SP8), and performs the operation for the user's access, such as displaying this extra sensitive information. With such a configuration, the same effect as in embodiment 1 can be obtained in a configuration in which the user terminal 5 issues the authentication request. 
[0043] Embodiment 3 of operation. In this embodiment 3, drawing 11, which gives the same signs to the parts corresponding to drawing 2 and drawing 8, shows the procedure (SP2B, SP12A) in which a user refuses the applicable authentication information acquisition S/W when the personal authentication information specified by authentication information acquisition S/W 11 transmitted from the authentication server 3 does not suit the user's intention. The authentication server terminal 3, whose acquisition was refused, reselects another authentication information acquisition S/W (SP20A). This applies, however, only when there is another authentication information acquisition S/W that can be reselected, as described above for drawing 4. 

[0044] A user refuses, for example, when biometrics is used as the personal authentication information but the specified biometrics acquisition equipment 6 is dirty or its use causes discomfort. Although biometrics is effective in identifying an individual, the problem of privacy protection exists, and the opportunity for a user to refuse or change for some reason, such as a sanitary problem, is indispensable, as mentioned above. 

[0045] Moreover, even when biometrics acquisition equipment 6 cannot be trusted for security and the user wishes to specify an alternative means other than biometrics information, such as a one-time password (OTP), the effect that the identification of an individual and the presence or absence of this individual's access privilege can be certainly judged according to the environment is still obtained in such complicated cases, by following the user's refusal or modification and choosing an authentication information acquisition S/W which dynamically acquires the information required for authentication. 
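The refusal and reselection exchange of embodiment 3 ([0043] to [0045]), as an added Python example that is not part of the patent text. The session class, the refusal reasons and the non-biometric "OTP" fallback candidate are constructed assumptions; D and E are the candidate S/W from the page's earlier example, and the step labels in the comments refer to SP2B, SP12A and SP20A of drawing 11:

```python
"""Server-side refusal handling for authentication information acquisition
S/W 11, modelled on embodiment 3 (SP2B / SP12A / SP20A).

Constructed example, not the patent's own code. Candidate names, refusal
reasons and the OTP fallback are assumptions.
"""
from typing import Dict, List, Optional, Tuple


class ReselectionSession:
    """State of the authentication server terminal 3 for one request: the
    S/W that can still be reselected and what the user already refused."""

    def __init__(self, candidates: List[str]) -> None:
        if not candidates:
            raise ValueError("no authentication information acquisition S/W selectable")
        self._remaining = list(candidates)        # server's preference order
        self.refusals: List[Tuple[str, str]] = []  # (software, reason) audit log
        self.offered: Optional[str] = None

    def offer(self) -> Optional[str]:
        """Send the next S/W 11 to the user (SP2B); None once nothing is left."""
        if not self._remaining:
            self.offered = None
            return None
        self.offered = self._remaining.pop(0)
        return self.offered

    def refuse(self, reason: str) -> Optional[str]:
        """User refuses the offered S/W (SP12A); the server reselects (SP20A).
        Returns the newly offered S/W, or None when nothing can be reselected."""
        if self.offered is None:
            raise RuntimeError("nothing has been offered")
        self.refusals.append((self.offered, reason))
        return self.offer()

    def exhausted(self) -> bool:
        """True when every selectable S/W has been offered and refused."""
        return self.offered is None and not self._remaining


def run_refusal_flow(candidates: List[str], refused: Dict[str, str]) -> Optional[str]:
    """Simulate the exchange: the server offers S/W in order, the user refuses
    each one listed in `refused` (constructed reasons), and the accepted S/W
    is returned, or None if every selectable S/W was refused."""
    session = ReselectionSession(candidates)
    software = session.offer()
    while software is not None and software in refused:
        software = session.refuse(refused[software])
    return software


if __name__ == "__main__":
    # Dirty sensor: D is refused, the server reselects E.
    print(run_refusal_flow(["D", "E"], {"D": "sensor dirty"}))
    # Device not trusted: both biometric S/W refused; the assumed OTP fallback is chosen.
    print(run_refusal_flow(["D", "E", "OTP"], {"D": "untrusted device", "E": "untrusted device"}))
    # Only one S/W selectable and it is refused: no reselection is possible.
    print(run_refusal_flow(["D"], {"D": "sensor dirty"}))
```

The refusal log is kept on the server side so that repeated refusals are visible to the operator; the page notes that reselection is only possible while another selectable S/W remains, which is why the flow returns None rather than re-offering a refused one.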

[0046] Embodiment 4 of operation. As a means to obtain the same effect as embodiment 3, the function of selecting the authentication information to be acquired is included in the authentication information acquisition S/W of embodiments 1 and 2 itself. In the example of embodiment 1, D, which performs authentication with fingerprint and hand information, and E, which authenticates only with the fingerprint, can both be chosen as selectable authentication information acquisition S/W. The difference here is that the authentication server transmits an authentication information acquisition S/W which combines the authentication information acquisition functions of both D and E. 

[0047] The configuration and operation sequence of Web system 1 itself are the same as in embodiments 1 and 2. The screen image of the authentication information acquisition S/W on the user side is shown in drawing 12. The user chooses either D or E and acquires his own authentication information with that authentication means. When either of the selection buttons 12A and 12B on the screen is chosen, the authentication information acquisition S/W operates and the chosen authentication information is actually acquired. At the authentication server terminal 3, from the classification of the sent authentication information, it can be judged whether authentication is possible with the group of sent information, and the same effect as in embodiment 3 can be obtained. 

[0048] Embodiment 5 of operation. Although in embodiments 1 to 4 above the authentication information to be acquired was determined by the authentication information acquisition S/W, the authentication information to be acquired may instead be shown on a screen rather than by the authentication information acquisition S/W. For example, at the authentication count of the detail database in embodiment 1, it is displayed on the screen that fingerprint information and hand information are to be sent. Thereby the user operates, on his own initiative, the software which acquires authentication information according to the displayed content, and sends the acquired authentication information to the authentication server terminal 3. 

[0049] Moreover, the display may indicate that authentication information decided beforehand, without showing it concretely, is to be sent. In this case the user operates, on his own initiative, the software which acquires all the authentication information notified in advance to the user separately by the manager etc. and memorized by the user, and the acquired authentication information is sent to the authentication server. In this way the same effect as in embodiment 1 is realizable, and since the display does not show concretely which authentication information is to be sent, the means of acquisition is treated like a password, so security can be improved much more. 

[0050] In addition, in embodiments 1 to 4 above the case where a user's personal authentication is performed at the Web server terminal 4 was described, but this invention is widely applicable not only to this but to general control units which need a user's personal authentication, such as a close leaving terminal unit connected to the network. 


DESCRIPTION OF DRAWINGS 


[Brief Description of the Drawings] 

[Drawing 1] It is the block diagram showing the configuration of embodiment 1 of the remote authentication system by this invention, **** of a Web system. 
[Drawing 2] It is the timing chart explaining the authentication processing in the Web system of drawing 1. 

[Drawing 3] It is the chart explaining example 1 of the authentication information database in the authentication server terminal of drawing 1. 
[Drawing 4] It is the chart explaining example 1 of the authentication information database in the authentication server terminal of drawing 1. 
[Drawing 5] It is the chart explaining example 2 of the authentication information database in the authentication server terminal of drawing 1. 
[Drawing 6] It is the chart explaining example 2 of the authentication information database in the authentication server terminal of drawing 1. 
[Drawing 7] It is the chart explaining example 3 of the authentication information database in the authentication server terminal of drawing 1. 
[Drawing 8] It is the timing chart explaining the authentication processing of example 3 in the Web system of drawing 1. 

[Drawing 9] It is the block diagram showing the configuration of embodiment 2 of the remote authentication system by this invention, **** of a Web system. 
[Drawing 10] It is the timing chart explaining the authentication processing in the Web system of drawing 9. 

[Drawing 11] It is the timing chart explaining the case where a refusal occurs, as embodiment 3 of the authentication processing in the Web system of drawing 1. 
[Drawing 12] It is a schematic diagram explaining the display screen of the authentication information acquisition S/W, as embodiment 4 of operation of the Web system of drawing 1. 
[Description of Notations] 

1 Web System 
2 Network 
3 Authentication Server Terminal 
3A Authentication control section 
3B Authentication information database 
3C Authentication information acquisition software pool 
4 Web Server Terminal 
4A Web server database 
4B Authentication request section 
4C Web server software 
5 User Terminal 
5A Browser 
5B Authentication information acquisition software actuation 
6 Biometrics Acquisition Equipment 
7 Fingerprint Acquisition Equipment 
8 Palm-Print Acquisition Equipment 
9 Character Recognition Tablet 
10 Retina Information Acquisition Equipment 
11 Authentication Information Acquisition Software 


[Translation done.] 